| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.60.0411250938330.3490@tnelson.webalive.biz> Date: Thu, 25 Nov 2004 09:45:25 +1100 (EST) From: Tim Nelson <security@...alive.biz> To: Steve Revilak <srevilak@...akeasy.net> Cc: James Youngman <bugtraq@...ession.spiral-arm.org>, parimiv@...haw.com, martin.buchholz@....com, levon@...ementarian.org, bugtraq@...urityfocus.com, bug-findutils@....org Subject: Re: Changes to the filesystem while find is running - comments? On Tue, 23 Nov 2004, Steve Revilak wrote: >> On Mon, 22 Nov 2004, James Youngman wrote: >> >>> I have run into a problem as of findutils-4.2.7. This is simply that >>> there seem to be cases where automountd on Solaris works by exchanging >>> one mounted filesystem for another. I could support/allow this > >> From: Tim Nelson > >> Under what sort of conditions are the filesystems exchanged? >> Whenever it feels like it? Or are there conditions under which this >> happens? (I'm just thinking that maybe, by knowing the conditions, we'll >> be able to come up with another useful check). > > This is what I've been able to determine through observation of > automounted directories on Solaris 8. > > For the sake of example let's say that /mount is the root directory > for an automounter map. /mount/<subdir> are the individual mount > points within the automounter map. > > * / has device no. R > > * /mount has device number X (where X != R). X doesn't seem to > change. > > * /mount/SUBDIR has device number X when not mounted (same device > number as /mount) > > * /mount/SUBDIR has device number Y when mounted (where Y != X) > > * Unlike some automounter implementations, the directory > /mount/SUBDIR will not disappear when /mount/SUBDIR becomes > unmounted. Nor will it disappear when the automounter exits. > /mount/SUBDIR is created when the automounter starts. > > * If /mount/SUBDIR is not mounted, accessing /mount/SUBDIR does not > trigger a mount. > > * If /mount/SUBDIR is not mounted, accessing /mount/SUBDIR/. does > trigger a mount. Ok, so the sequence in find is currently (in pseudo-perl): ----------- $old = stat $dir; chdir $dir; $new = stat $dir; wd_sanity_check($old, $new); ----------- If your information is correct, then what we need to do is something like: ----------- $tmp = $dir . '.'; $old = stat $tmp; chdir $dir; $new = stat $tmp; wd_sanity_check($old, $new); ----------- Would that do it, or am I missing something? > With other automounter implementations (Fedora core 1 & 2, Mac OSX > 10.3), a mount will be triggered merely by accessing /mount/SUBDIR (as > opposed to /mount/SUBDIR/.). These cases don't pose a problem -- as > far as find is concerned, it sees the device number after the mount > has occurred. Assuming that accessing /mount/SUBDIR/. also triggers a mount on the other OSs, the example above should work on everything. If it doesn't, we might have to do two stats the first time, one on $dir and then one on $tmp. :) -- Tim Nelson Server Administrator WebAlive Technologies Global Level 1 Innovation Building, Digital Harbour 1010 LaTrobe Street Docklands, Melbourne, Vic, 3008 Phone: +61 3 9934 0812 Fax: +61 3 9934 0899 E-mail: tim.nelson@...alive.biz http://www.webalive.biz/
Powered by blists - more mailing lists